Module1 Flashcards
What are the benefits of Security?
• Protects against external and internal threats
• Meets regulatory compliance (laws & guidelines)
• Maintains and improves business productivity
• Reduces expenses associated with risk
• Maintains brand trust
What is a “Threat Actor”?
Any person or group who presents a security risk.
What is Cybersecurity?
The practice of ensuring confidentiality, integrity, and availability of information by protecting networks, devices, people, and data from unauthorised access or criminal exploitation.
What do security analysts do?
Security analysts are responsible for monitoring and protecting information and systems.
What is “compliance”?
The process of adhering to internal standards and external regulations.
What are “Security Frameworks”?
Guidelines used for building plans to help mitigate risks and threats to data and privacy
What are “Security Controls”?
Safeguards designed to reduce specific security risks. Used within security frameworks to establish a strong security posture.
What is “Security Posture”?
An organisation’s ability to manage its defence of critical assets and data and react to change.
NOTE: Strong security posture = lower risk for the organization.
What is “Network Security “?
The practice of keeping an organisation’s network infrastructure secure from unauthorised access.
What is “Cloud Security”?
The process of ensuring that assets stored in the cloud are properly configured or set up correctly and access to those assets is limited to authorised users.
What is “The Cloud”?
A network made up of a collection of servers or computers that store resources and data in remote physical locations (data centres) that can be accessed via the Internet.
What is an external threat?
Someone outside of an organisation trying to gain access to private networks, information, or devices.
What is an internal threat?
Current or former employees, trusted partners, or external vendors.
What are the responsibilities of a Security Analyst?
• Protecting computer and network systems
• Installing prevention software
• Conducting periodic security audits
What does SIEM stand for?
Security Information & Event Management
What do digital forensics investigators do?
Attempt to identify, analyse, and preserve criminal evidence within networks, computers, and electronic devices
What does PII stand for?
Personally Identifiable Information
What does SPII stand for?
Sensitive Personally Identifiable Information
What is an example of PII?
Email address
Date of birth
Phone number
Home address
IP address
Physical address
What is an example of SPII?
Medical information
Financial information
Biometric data
Social security numbers
What is “Identity Theft”?
The act of stealing personal information to commit fraud while impersonating the victim.
What is the primary objective of Identity Theft?
Financial gain
What is programming?
A process that can be used to create a specific set of instructions for a computer to execute tasks.
What is a security audit?
A review of an organisation’s security records, activities, and other related documents.
What does Network Security cover?
Data, services, systems, and devices that are stored in an organisation’s network.
